14 zero-day flaws in CentOS allow installing ransomware on the network: no patch available

Vulnerability assessment specialists reported finding at least 14 security vulnerabilities in CentOS, a free hosting management web portal designed to facilitate the management of dedicated servers and VPS. According to the report, successful exploitation of these vulnerabilities could allow scenarios such as SQL injection or path traversal.

Below are some details about the reported flaws, along with their respective scores. It should be noted that these vulnerabilities have not been assigned identifiers; the scores follow the Common Vulnerability Scoring System (CVSS).

  1. Insufficient sanitization of user input in the “user” parameter of “ajax_mail_autoreply.php” allows remote hackers to execute arbitrary SQL queries against the target database. The flaw received a score of 6.9/10.
  2. Incorrect input validation within “ajax_ftp_manager.php” allows remote hackers to execute arbitrary commands on the target system. This flaw is considered critical, as it received a score of 9/10.
  3. Insufficient sanitization of user input in the “package” parameter in “ajax_list_accounts.php” allows remote threat actors to execute arbitrary SQL queries against the target database. This vulnerability received a score of 6.9/10.
  4. Insufficient sanitization of user input in the “status” parameter in “ajax_list_accounts.php” allows remote users to run arbitrary SQL queries on the target database, vulnerability assessment specialists mention.
  5. This flaw exists due to insufficient sanitization of user-submitted data in the “username” parameter of “ajax_list_accounts.php”, which would allow remote threat actors to execute arbitrary SQL queries. The flaw received a score of 6.9/10.
  6. Insufficient sanitization of user input in the “type” parameter of “ajax_list_accounts.php” would allow remote hackers to execute arbitrary SQL queries. The vulnerability received a score of 6.9/10.
  7. This flaw exists due to inadequate sanitization of user-provided data, vulnerability assessment experts mention. The flaw would allow an attacker to obtain sensitive information by running arbitrary SQL queries.
  8. Insufficient sanitization of user input in the “email” parameter in “ajax_mail_autoreply.php” would allow malicious hackers to execute arbitrary SQL queries against the database. The vulnerability received a score of 6.9/10.
  9. The flaw exists due to insufficient sanitization of user input in the “search” parameter of “ajax_mail_autoreply.php”. Remote hackers could submit a specially crafted request to execute arbitrary SQL queries. The flaw received a score of 6.9/10.
  10. An input validation error when processing directory traversal sequences within the “file” parameter in “ajax_mod_security.php” would allow attackers to carry out directory traversal attacks. This is a critical flaw that received a score of 9/10, vulnerability assessment specialists mention.
  11. Insufficient sanitization of user input in the “domain” parameter of “ajax_new_account.php” would allow threat actors to execute arbitrary SQL queries and obtain potentially sensitive information. The flaw received a score of 6.9/10.
  12. The flaw exists due to incorrect sanitization of user input in the “username” parameter in “ajax_add_mailbox.php”. An unauthenticated remote hacker could execute arbitrary SQL queries. The flaw received a score of 6.9/10.
  13. Insufficient sanitization of user input in the “term” parameter in “ajax_dashboard.php” would allow hackers to run arbitrary SQL queries against the target database. This vulnerability received a score of 6.9/10.
  14. The vulnerability exists due to insufficient sanitization of user input in the “account” parameter in “ajax_mail_autoreply.php”, which could lead to the execution of arbitrary SQL queries on the target system. The flaw received a score of 6.9/10.

The developers received the report and acknowledged the flaws. Unfortunately, so far there are no security patches available to fix these vulnerabilities, nor workarounds to mitigate the risk of exploitation. The good news is that so far no exploitation attempts in real scenarios and no malware linked to this attack have been reported.
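With no patch available, administrators can review web server access logs for requests that reach the scripts and parameters named in the list above. The following Python script is an added example, not code from the report or from the developers; it assumes the combined access log format, a hypothetical `/admin/` path in the constructed sample lines, and a simple character heuristic for values that deserve a manual look.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Script name -> parameters named in the list above
# (None: the report names no parameter, so every parameter is checked).
AFFECTED = {
    "ajax_mail_autoreply.php": {"user", "email", "search", "account"},
    "ajax_ftp_manager.php": None,
    "ajax_list_accounts.php": {"package", "status", "username", "type"},
    "ajax_mod_security.php": {"file"},
    "ajax_new_account.php": {"domain"},
    "ajax_add_mailbox.php": {"username"},
    "ajax_dashboard.php": {"term"},
}
# Assumed heuristic: quote, shell and comment characters, or "../", in a value.
SUSPICIOUS = re.compile(r"""['";`|&$<>\\]|--|/\*|\.\./""")
REQUEST = re.compile(r'"(?:GET|POST|PUT|HEAD) (\S+) HTTP/[\d.]+"')

def review_line(line):
    """Return (script, parameter) pairs worth a manual look for one log line."""
    m = REQUEST.search(line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    script = url.path.rsplit("/", 1)[-1]
    if script not in AFFECTED:
        return []
    named = AFFECTED[script]
    hits = []
    # parse_qsl percent-decodes values, so %27 and %2F are seen as ' and /.
    for key, value in parse_qsl(url.query, keep_blank_values=True):
        if (named is None or key in named) and SUSPICIOUS.search(value):
            hits.append((script, key))
    return hits

def review_log(lines):
    """Return (line number, (script, parameter)) for every flagged request."""
    return [(n, hit) for n, line in enumerate(lines, 1) for hit in review_line(line)]

# Constructed sample lines (not real traffic); the /admin/ path is hypothetical.
SAMPLE = [
    '203.0.113.5 - - [01/Jan/2021:10:00:00 +0000] "GET /admin/ajax_dashboard.php?term=disk HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2021:10:00:05 +0000] "GET /admin/ajax_dashboard.php?term=a%27-- HTTP/1.1" 200 48',
    '203.0.113.9 - - [01/Jan/2021:10:00:09 +0000] "GET /admin/ajax_mod_security.php?file=..%2F..%2Fx HTTP/1.1" 200 90',
    '198.51.100.2 - - [01/Jan/2021:10:01:00 +0000] "GET /index.php?term=a%27 HTTP/1.1" 200 10',
]

if __name__ == "__main__":
    for n, (script, param) in review_log(SAMPLE):
        print(f"line {n}: {script} parameter {param!r}")
```

Access logs normally record only the query string, so parameters sent in a POST body are not covered by this review.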
